PHP Random Password Generator

This script allows you to create your own list of passwords based off a specific set of parameters. You can either use my copy of the script (listed below under "See it in use") to generate passwords, or you can download a copy of the PHP script and make your own modifications.

I constantly found myself needing to create new passwords, either for myself or clients. I HATE passwords that I can't tell what the characters are by just looking at it. I also got tired of clients contacting me because they can't figure out if their password contained a 1, l, I or o, O, 0 when they read the old password they taped to the bottom of their keyboard (yes, we know you do that).

All versions of this script, description, and documentation have been released under GNU General Public License. Basically this means you are free to use the script, modify it, and even redistribute versions of your own under the same license.

Allow uppercase characters: Allows the password that is created to have random upper-case characters. ABCDEFGHJKLMNPQRSTUVWXYZ + IO

Allow lowercase characters: Allows the password that is created to have random lower-case characters. abcdefghjkmnpqrstuvwxyz + iol

Allow digits: Allows the password that is created to have random digits/numbers. 23456789 + 01

Allow special characters: Allows any of the "symbol" characters that are typeable on a standard keyboard to be part of the password. The "Hide confusing characters" does not affect anything in this set. ~!@#$%^&*()_+[]\;',./~{}|:\"<>?

Require at least one character of each chosen type: This option forces at least one character of each type (upper, lower, digits, and/or special) you checked to be part of the password. This means if you checked an option like "Allow Digits" that at least one digit is in the password that is created.

Password length: How many characters long you want the password to be. By default the script requires between 4-20 characters.

How many passwords: How many random passwords you want to create/print. By default the script will generate between 1-99 passwords.

Challenge

Credits and a link to your website for anyone who posts a comment that includes suggestions (or code) that improves on the efficiency of the script. The requirements are that the script has to maintain the same level of functionality and it has to maintain (or improve) code readability.

I know for a fact that some of the stuff in there is done the ugly way. Since it works for what I need, if I wait on efficiency changes on a personal project it will sit there forever and probably never get released.

And yes I realize PHP's RNG is not true random, but the script is good enough for what I need. You are welcome to modify your own version with your own white-noise seed if you want.

While what you say about PHP's rand() function is accurate (and already pointed out in my documentation above), even if you knew exactly what options I chose when generating my password there is no real-world way to calculate what the password was.

The vulnerability with pseudorandom occurs when you either know the timestamp seed from when each random character was chosen or when enough of the "random" data is known to calculate the unknown parts. Neither of which apply here.